A honeypot, in the context of computer network security, can include software and hardware resources that are intended detect, deflect, or counteract attempts at unauthorized use of information systems. In some examples, honeypots can include simulated network resources such as simulated virtual machines, simulated storage, and the like, but in other examples, real network resources can be a part of a honeypot. Some honeypots are designed to trick malicious users into believing that they are using or have access to legitimate resources or important data, when in reality the resources are simulated or the data that the malicious user has access to is not real. Additionally, honeypots can act as a decoy for malicious users. For example, a honeypot can provide a seemingly easy or attractive intrusion point into a network that acts as a distraction from other network vulnerabilities and locations of sensitive information.
Accordingly, with malicious users believing that they have been undetected and have access to resources and information of interest, the actions of these malicious users can be tracked and neutralized. For example, by allowing malicious users to act within honeypots can allow network administrators to learn about potential security risks of a network and gain information about malicious users that can be provided to law enforcement or can otherwise be used to stop these malicious users. However, while honeypots can be valuable tools for learning about, containing, and deflecting malicious users, service providers that provide computing resources to various customers may potentially impact users utilizing these computing resources should these users select, with no malicious intent, these honeypots. Further, customers may want to determine how honeypots are presented to certain users, if at all.